package com.kxy.auth.web.provider;

import java.util.ArrayList;

import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;


public class CustomAuthenticationProvider implements AuthenticationProvider{
	 private UserDetailsService userDetailsService;

	    private BCryptPasswordEncoder bCryptPasswordEncoder;

	    public CustomAuthenticationProvider(UserDetailsService userDetailsService, BCryptPasswordEncoder bCryptPasswordEncoder) {
	        this.userDetailsService = userDetailsService;
	        this.bCryptPasswordEncoder = bCryptPasswordEncoder;
	    }
	    
	    
	    @Override
	    public boolean supports(Class<?> authentication) {
	        return authentication.equals(UsernamePasswordAuthenticationToken.class);
	    }
	    
	    
	    @Override
	    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
	        // 获取认证的用户名 & 密码
	        String username = authentication.getName();
	        String password = authentication.getCredentials().toString();

	        //通过用户名从数据库中查询该用户
	        UserDetails userDetails = userDetailsService.loadUserByUsername(username);


	        //判断密码(这里是md5加密方式)是否正确
	        String dbPassword = userDetails.getPassword();
	        String encoderPassword =  bCryptPasswordEncoder.encode(password);
	      //  String encoderPassword = DigestUtils.md5DigestAsHex(password.getBytes());

	        if (!dbPassword.equals(encoderPassword)) {
	            throw new RuntimeException("密码错误");
	        }


	        // 还可以从数据库中查出该用户所拥有的权限,设置到 authorities 中去,这里模拟数据库查询.
	        ArrayList<GrantedAuthority> authorities = new ArrayList<>();
	        //authorities.add(new GrantedAuthorityImpl("ADMIN"));

	        Authentication auth = new UsernamePasswordAuthenticationToken(username, password, authorities);

	        return auth;

	    }


	    
}
